Merge pull request #16 from nellshamrell/project-support-criteria-take-2

creates focused criteria for evaluating memory safety efforts (more t…
ossf · Dec 14, 2023 · 3958881 · 3958881
2 parents 718c7ec + 7a0d645
commit 3958881
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 11 deletions.
diff --git a/docs/funding-recommendations.md b/docs/funding-recommendations.md
diff --git a/docs/project-support-criteria.md b/docs/project-support-criteria.md
@@ -0,0 +1,18 @@
+# OpenSSF Memory Safety Project Support Program
+
+NOTE - This is currently a draft and this program has not been launched yet!
+
+[The OpenSSF TAC/Foundation is currently working on a funding model and process](https://github.com/ossf/Memory-Safety/pull/13#issuecomment-1791255657) for supporting project/efforts related to Open Source Software Security.
+
+This Working Group is focused specifically on how to technically evaluate a project/effort related to improving memory safety in Open Source Software.
+
+## Draft Criteria
+
+Does this project meaningfully improve memory safety within Open Source software [according to our definition of memory safety](https://github.com/ossf/Memory-Safety/blob/main/docs/definitions.md)?
+
+Meaningful efforts include (but are not limited to):
+
+* Targeted re-write efforts of Open Source software in memory safe by default languages
+* Educational efforts on memory safety in software
+* Tools/Processes which improve the memory safety of software when a rewrite in a memory safe by default language is not possible/practical
+* Efforts which reduce undefined behavior (related to memory safety) in commonly used Open Source software components